"Open by default" is a term bandied around when talking about open data policy. I find the phrase often helps lift the barriers rather than bring them down but if you have any concerns about privacy in releasing data, then "open by default" is just going to set off alarm bells.
"Open by design = closed by design, 2 sides of the same coin"
I prefer to say "open by design". What do I mean by this? Open by design means well considered, systematic and safe release of open data. Open by design equals closed by design, they are two sides of the same coin. In order to safely release data, maintaining public trust, you need to ensure privacy is adequately protected.
"The question should not be "will we open this data?", rather
"how will we open this data?""
Open by design includes doing a privacy impact assessment (The Privacy Commission provides a very useful Privacy Impact Assessment Toolkit) to determine the impact on privacy the data may have, and therefore whether some action is needed to protect privacy. Actions may include some level of aggregation and/or de-identification (the removal of data attributes (columns) that may identify individuals). The question should not be "will we open this data?", rather "how will we open this data?"
Open by design is more than just factoring in privacy protection, it's about thinking of data as potentially being open throughout its lifecycle, or even before it is created. It's about planning for open data from the moment you start thinking about collecting data.
Data is collected in a number of ways, for example through surveys; sensors; registration; information provided under compliance; everyday transactions such as benefit payments or service delivery. In some cases the data is collected directly by government agencies, and often the data is collected by the private sector or NGOs who are providing services on behalf of the government under contract.
Therefore open by design should start with the contract for services (or even the request for proposal/tender). It should be communicated up front that the agency wants to retain the copyright in the data associated with the provision of the service and that it will be made available to the public and licensed for reuse. This should be specified in the deliverables.
For example, when contracting out the provision of bus services, timely provision of data for timetables, current bus location and ticketing should be specified requirements. This data should also be requested in an open, standardised and machine-readable format.
Where data is collected in a system that supports a particular business process, then to release open data may be as simple as generating a report to export the dataset without personal information included and in an open file format. For some legacy systems this may be a challenge, but for any new system available now this shouldn't be constraint.
"Open data may be as simple as generating a report"
Therefore any new system project, just as it should consider reporting output required for management upfront, it should also consider open data output upfront. And just as it should specify security requirements upfront, it should also specify what needs to be done to safely filter out open data output.
It should work out what data can be released, at what point in the information flow, and what processing/filtering should it undergo as it's released. Doing this thinking upfront ensures minimal marginal cost specifically to release open data and will enable it to be produced systematically as a consequence of doing business.
To help open by design happen in your organisation you need to embed open thinking into your processes and procedures throughout the organisation. It's not just an IT department or website publishing function.
For example legal and procurement staff need to be aware and have it on the checklist when processing procurement contracts. Project managers need to be aware and ensure firstly that data is considered, then to ensure it can be made openly available – and not just for IT projects, but any project to do with any part of the organisation's operations.
The potential data may be real-time location data; statistics of services delivered; or even service delivery metrics that help manage the quality of service and help evaluate cost efficiency (which if it is released as open data, creates transparency and strengthens public trust and confidence).
Communications staff need to be aware of intentions to be open, and publishing procedures include open data considerations. Finance staff need to be aware to release financial statements in machine-readable format – before they start formatting reports/spreadsheets to be human-readable.
Being open by design may even extend to induction of new staff, where they are made aware of the expectations of working in an open government.
Open by design is having the spirit of open government embedded in the everyday consciousness of government employees as they carry out their work.
Photo: 'Sardines' by Catherine Day is licensed under CC BY-NC 2.0